Token authentication
Max Stoiber
I'm integrating keystone as CMS into a loopback application. While working with 0.4.0-alpha made my life much easier already, it still requires cookie based auth for the admin ui - while the rest of my app does not.
I was wondering if there are plans to support token auth (e.g. Bearer token via authorization header).
I understand that this request has impact on both, admin ui and server routers.
However, it will give a great deal of flexibility and open possibilities even wider.
N
Nick Shearer
fwiw I switched the admin auth over to use my passport/token auth by changing the signin / sign out urls in the keystone.init. ie.
keystone.init({
...
'auth': true,
'user model': 'User',
'signin url': '/auth/signin?target=%2Fkeystone',
'signout url': '/auth/signout',
'signout redirect': '/',
})
my templates don't use those params, so only the keystone admin uses those redirects. (my templates set the target to the current page so you are returned to the correct place on login/logout).
works fine for me, but i guess it reques that you have those sign in and sign out pages correctly loading the user, and the user having the isAdmin property set correctly.